CVEs from 2022
Total
5,249
critical
critical 92
high
high 1,233
medium
medium 961
low
low 24
% Critical
1.8%
% with KEV
2.5%
% with exploit
3.4%
Top vendors
- oracle 616
- netapp 438
- microsoft 165
- omron 109
- azul 82
- schneider-electric 33
- mitsubishielectric 32
- siemens 10
Top products
- jdk 116
- jre 109
- openjdk 100
- zulu 82
- graalvm 74
- cloud_secure_agent 35
- oncommand_insight 34
- cloud_insights_acquisition_unit 34
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-50728 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: s390/lcs: Fix return type of lcs_start_xmit() With clang's kernel control flow integrity (kCFI, CONFIG_CFI_CLANG), indirect call … | |||
| CVE-2022-50617 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/powerplay/psm: Fix memory leak in power state init Commit 902bc65de0b3 ("drm/amdgpu/powerplay/psm: return an error in … | |||
| CVE-2022-50372 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: cifs: Fix memory leak when build ntlmssp negotiate blob failed There is a memory leak when mount cifs: unreferenced object 0xff… | |||
| CVE-2022-49882 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: KVM: Reject attempts to consume or refresh inactive gfn_to_pfn_cache Reject kvm_gpc_check() and kvm_gpc_refresh() if the cache is… | |||
| CVE-2022-38457 | high | — | 8.0 | 3y ago | A use-after-free(UAF) vulnerability was found in function 'vmw_cmd_res_check' in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in Linux kernel's vmwgfx driver with device file '/dev/dri/renderD128 (or Dxxx)'. … | |||
| CVE-2022-50733 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: usb: idmouse: fix an uninit-value in idmouse_open In idmouse_create_image, if any ftip_command fails, it will go to the reset lab… | |||
| CVE-2022-49864 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix NULL pointer dereference in svm_migrate_to_ram() ./drivers/gpu/drm/amd/amdkfd/kfd_migrate.c:985:58-62: ERROR: p i… | |||
| CVE-2022-50819 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: udmabuf: Set ubuf->sg = NULL if the creation of sg table fails When userspace tries to map the dmabuf and if for some reason (e.g… | |||
| CVE-2022-50317 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: drm/bridge: megachips: Fix a null pointer dereference bug When removing the module we will get the following warning: [ 31.911… | |||
| CVE-2022-50117 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: vfio: Split migration ops from main device ops vfio core checks whether the driver sets some migration op (e.g. set_state/get_sta… | |||
| CVE-2022-50784 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mei: fix potential NULL-ptr deref after clone If cloning the SKB fails, don't try to use it, but rather return as … | |||
| CVE-2022-49873 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix wrong reg type conversion in release_reference() Some helper functions will allocate memory. To avoid memory leaks, the … | |||
| CVE-2022-50878 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: gpu: lontium-lt9611: Fix NULL pointer dereference in lt9611_connector_init() A NULL check for bridge->encoder shows that it may b… | |||
| CVE-2022-50416 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: irqchip/wpcm450: Fix memory leak in wpcm450_aic_of_init() If of_iomap() failed, 'aic' should be freed before return. Otherwise th… | |||
| CVE-2022-49795 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: rethook: fix a potential memleak in rethook_alloc() In rethook_alloc(), the variable rh is not freed or passed out if handler is … | |||
| CVE-2022-50772 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: netdevsim: fix memory leak in nsim_bus_dev_new() If device_register() failed in nsim_bus_dev_new(), the value of reference in nsi… | |||
| CVE-2022-49715 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3: Fix refcount leak in gic_populate_ppi_partitions of_find_node_by_phandle() returns a node pointer with refcount i… | |||
| CVE-2022-49716 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3: Fix error handling in gic_populate_ppi_partitions of_get_child_by_name() returns a node pointer with refcount inc… | |||
| CVE-2022-3594 | high | — | 8.0 | 3y ago | A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function intr_callback of the file drivers/net/usb/r8152.c of the component BPF. … | |||
| CVE-2022-50820 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: perf/arm_dmc620: Fix hotplug callback leak in dmc620_pmu_init() dmc620_pmu_init() won't remove the callback added by cpuhp_setup_… | |||
| CVE-2022-42895 | high | — | 8.0 | 3y ago | There is an infoleak vulnerability in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_parse_conf_req function which can be used to leak kernel pointers remotely. We recommend upgrading past com… | |||
| CVE-2022-50356 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: net: sched: sfb: fix null pointer access issue when sfb_init() fails When the default qdisc is sfb, if the qdisc of dev_queue fai… | |||
| CVE-2022-50303 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix double release compute pasid If kfd_process_device_init_vm returns failure after vm is converted to compute vm an… | |||
| CVE-2022-50453 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: gpiolib: cdev: fix NULL-pointer dereferences There are several places where we can crash the kernel by requesting lines, unbindin… | |||
| CVE-2022-50489 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: drm/mipi-dsi: Detach devices when removing the host Whenever the MIPI-DSI host is unregistered, the code of mipi_dsi_host_unregis… | |||
| CVE-2022-50712 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: devlink: hold region lock when flushing snapshots Netdevsim triggers a splat on reload, when it destroys regions with snapshots p… | |||
| CVE-2022-50391 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: mm/mempolicy: fix memory leak in set_mempolicy_home_node system call When encountering any vma in the range with policy other tha… | |||
| CVE-2022-50760 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix PCI device refcount leak in amdgpu_atrm_get_bios() As comment of pci_get_class() says, it returns a pci_device wi… | |||
| CVE-2022-50191 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: regulator: of: Fix refcount leak bug in of_get_regulation_constraints() We should call the of_node_put() for the reference return… | |||
| CVE-2022-50246 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpci: fix of node refcount leak in tcpci_register_port() I got the following report while doing device(mt6370-tcpc) … | |||
| CVE-2022-50234 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: io_uring/af_unix: defer registered files gc to io_uring release Instead of putting io_uring's registered files in unix_gc() we wa… | |||
| CVE-2022-50756 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: nvme-pci: fix mempool alloc size Convert the max size to bytes to match the units of the divisor that calculates the worst-case n… | |||
| CVE-2022-50544 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: usb: host: xhci: Fix potential memory leak in xhci_alloc_stream_info() xhci_alloc_stream_info() allocates stream context array fo… | |||
| CVE-2022-50276 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: power: supply: fix null pointer dereferencing in power_supply_get_battery_info when kmalloc() fail to allocate memory in kasprint… | |||
| CVE-2022-50247 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: usb: xhci-mtk: fix leakage of shared hcd when fail to set wakeup irq Can not set the @shared_hcd to NULL before decrease the usag… | |||
| CVE-2022-50272 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer() Wei Chen reports a kernel bug as blew: general protection fault,… | |||
| CVE-2022-50750 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: drm/panel/panel-sitronix-st7701: Remove panel on DSI attach failure In case mipi_dsi_attach() fails, call drm_panel_remove() to a… | |||
| CVE-2022-50479 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amd: fix potential memory leak This patch fix potential memory leak (clk_src) when function run into last return NULL. s/fre… | |||
| CVE-2022-3523 | high | — | 8.0 | 3y ago | A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is an unknown function of the file mm/memory.c of the component Driver Handler. The manipulation leads to us… | |||
| CVE-2022-50275 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Add the missed acpi_put_table() to fix memory leak When the radeon driver reads the bios information from ACPI table … | |||
| CVE-2022-50250 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: regulator: core: fix use_count leakage when handling boot-on I found a use_count leakage towards supply regulator of rdev with bo… | |||
| CVE-2022-40133 | high | — | 8.0 | 3y ago | A use-after-free(UAF) vulnerability was found in function 'vmw_execbuf_tie_context' in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in Linux kernel's vmwgfx driver with device file '/dev/dri/renderD128 (or Dx… | |||
| CVE-2022-50718 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix pci device refcount leak As comment of pci_get_domain_bus_and_slot() says, it returns a pci device with refcount … | |||
| CVE-2022-50429 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: memory: of: Fix refcount leak bug in of_lpddr3_get_ddr_timings() We should add the of_node_put() when breaking out of for_each_ch… | |||
| CVE-2022-50464 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: mt76: mt7915: Fix PCI device refcount leak in mt7915_pci_init_hif2() As comment of pci_get_device() says, it returns a pci_device… | |||
| CVE-2022-50643 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: cifs: Fix xid leak in cifs_copy_file_range() If the file is used by swap, before return -EOPNOTSUPP, should free the xid, otherwi… | |||
| CVE-2022-50626 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: fix memory leak in dvb_usb_adapter_init() Syzbot reports a memory leak in "dvb_usb_adapter_init()". The leak is d… | |||
| CVE-2022-50822 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: RDMA/restrack: Release MR restrack when delete The MR restrack also needs to be released when delete it, otherwise it cause memor… | |||
| CVE-2022-50882 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fix memory leak in uvc_gpio_parse Previously the unit buffer was allocated before checking the IRQ for privacy G… | |||
| CVE-2022-50540 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: dmaengine: qcom-adm: fix wrong sizeof config in slave_config Fix broken slave_config function that uncorrectly compare the periph… | |||
| CVE-2022-50249 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: memory: of: Fix refcount leak bug in of_get_ddr_timings() We should add the of_node_put() when breaking out of for_each_child_of_… | |||
| CVE-2022-50127 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix error unwind in rxe_create_qp() In the function rxe_create_qp(), rxe_qp_from_init() is called to initialize qp, int… | |||
| CVE-2022-50532 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix possible resource leaks in mpt3sas_transport_port_add() In mpt3sas_transport_port_add(), if sas_rphy_add() ret… | |||
| CVE-2022-50881 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: Fix use-after-free in ath9k_hif_usb_disconnect() This patch fixes a use-after-free in ath9k that occurs in ath9k_hif… | |||
| CVE-2022-46725 | high | — | 8.0 | 3y ago | A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. This issue is fixed in iOS 16.4 and iPadOS 16.4. Visiting a malicious website may lead to ad… | |||
| CVE-2022-49855 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: net: wwan: iosm: fix memory leak in ipc_pcie_read_bios_cfg ipc_pcie_read_bios_cfg() is using the acpi_evaluate_dsm() to obtain th… | |||
| CVE-2022-38900 | high | — | 8.0 | 3y ago | RHSA-2023:1743: nodejs:14 security, bug fix, and enhancement update (Important) | |||
| CVE-2022-36351 | high | — | 8.0 | 3y ago | Improper input validation in some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow an unauthenticated user to potentially enable denial of service via adjacent access. | |||
| CVE-2022-38076 | high | — | 8.0 | 3y ago | Improper input validation in some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow an authenticated user to potentially enable escalation of privilege via local access. | |||
| CVE-2022-50107 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: cifs: Fix memory leak when using fscache If we hit the 'index == next_cached' case, we leak a refcount on the struct page. Fix t… | |||
| CVE-2022-49287 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: tpm: fix reference counting for struct tpm_chip The following sequence of operations results in a refcount warning: 1. Open devi… | |||
| CVE-2022-50201 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: selinux: fix memleak in security_read_state_kernel() In this function, it directly returns the result of __security_read_policy w… | |||
| CVE-2022-50704 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: USB: gadget: Fix use-after-free during usb config switch In the process of switching USB config from rndis to other config, if th… | |||
| CVE-2022-50287 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: drm/i915/bios: fix a memory leak in generate_lfp_data_ptrs When (size != 0 || ptrs->lvds_ entries != 3), the program tries to fre… | |||
| CVE-2022-33196 | high | — | 8.0 | 3y ago | RHEA-2023:7117: microcode_ctl bug fix and enhancement update (Important) | |||
| CVE-2022-50239 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: cpufreq: qcom: fix writes in read-only memory region This commit fixes a kernel oops because of a write in some read-only memory:… | |||
| CVE-2022-21216 | high | — | 8.0 | 3y ago | RHEA-2023:7117: microcode_ctl bug fix and enhancement update (Important) | |||
| CVE-2022-49760 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix PTE marker handling in hugetlb_change_protection() Patch series "mm/hugetlb: uffd-wp fixes for hugetlb_change_pro… | |||
| CVE-2022-49748 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: perf/x86/amd: fix potential integer overflow on shift of a int The left shift of int 32 bit integer constant 1 is evaluated using… | |||
| CVE-2022-40964 | high | — | 8.0 | 3y ago | Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow a privileged user to potentially enable escalation of privilege via local access. | |||
| CVE-2022-49220 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: dax: make sure inodes are flushed before destroy cache A bug can be triggered by following command $ modprobe nd_pmem && modprob… | |||
| CVE-2022-49699 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: filemap: Handle sibling entries in filemap_get_read_batch() If a read races with an invalidation followed by another read, it is … | |||
| CVE-2022-49273 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: rtc: pl031: fix rtc features null pointer dereference When there is no interrupt line, rtc alarm feature is disabled. The cleari… | |||
| CVE-2022-50705 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: io_uring/rw: defer fsnotify calls to task context We can't call these off the kiocb completion as that might be off soft/hard irq… | |||
| CVE-2022-50004 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: xfrm: policy: fix metadata dst->dev xmit null pointer dereference When we try to transmit an skb with metadata_dst attached (i.e.… | |||
| CVE-2022-32919 | high | — | 8.0 | 3y ago | The issue was addressed with improved UI handling. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1. Visiting a website that frames malicious content may lead to UI spoofing. | |||
| CVE-2022-49938 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: cifs: fix small mempool leak in SMB2_negotiate() In some cases of failure (dialect mismatches) in SMB2_negotiate(), after the req… | |||
| CVE-2022-50064 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: virtio-blk: Avoid use-after-free on suspend/resume hctx->user_data is set to vq in virtblk_init_hctx(). However, vq is freed on … | |||
| CVE-2022-49257 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: watch_queue: Fix NULL dereference in error cleanup In watch_queue_set_size(), the error cleanup code doesn't take account of the … | |||
| CVE-2022-27635 | high | — | 8.0 | 3y ago | Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow a privileged user to potentially enable escalation of privilege via local access. | |||
| CVE-2022-50475 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Make sure "ib_port" is valid when access sysfs node The "ib_port" structure must be set before adding the sysfs kobjec… | |||
| CVE-2022-50279 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: rtlwifi: Fix global-out-of-bounds bug in _rtl8812ae_phy_set_txpower_limit() There is a global-out-of-bounds reported by KAS… | |||
| CVE-2022-46329 | high | — | 8.0 | 3y ago | Protection mechanism failure for some Intel(R) PROSet/Wireless WiFi software may allow a privileged user to potentially enable escalation of privilege via local access. | |||
| CVE-2022-50066 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: net: atlantic: fix aq_vec index out of range error The final update statement of the for loop exceeds the array range, the derefe… | |||
| CVE-2022-49344 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix a data-race in unix_dgram_peer_wake_me(). unix_dgram_poll() calls unix_dgram_peer_wake_me() without `other`'s lock h… | |||
| CVE-2022-32933 | high | — | 8.0 | 3y ago | An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in macOS Monterey 12.5. A website may be able to track the websites a user visited in Safari private… | |||
| CVE-2022-50297 | high | — | 8.0 | 3y ago | RHSA-2023:7077: kernel security, bug fix, and enhancement update (Important) | |||
| CVE-2022-46705 | high | — | 8.0 | 3y ago | A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, Safari 16.2. Visiting a… | |||
| CVE-2022-50844 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix type of second parameter in odn_edit_dpm_table() callback With clang's kernel control flow integrity (kCFI, CONFI… | |||
| CVE-2022-49837 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix memory leaks in __check_func_call kmemleak reports this issue: unreferenced object 0xffff88817139d000 (size 2048): co… | |||
| CVE-2022-49827 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: drm: Fix potential null-ptr-deref in drm_vblank_destroy_worker() drm_vblank_init() call drmm_add_action_or_reset() with drm_vblan… | |||
| CVE-2022-50290 | high | — | 8.0 | 3y ago | RHSA-2023:7077: kernel security, bug fix, and enhancement update (Important) | |||
| CVE-2022-49811 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: drbd: use after free in drbd_create_device() The drbd_destroy_connection() frees the "connection" so use the _safe() iterator to … | |||
| CVE-2022-49746 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: dmaengine: imx-sdma: Fix a possible memory leak in sdma_transfer_init If the function sdma_load_context() fails, the sdma_desc wi… | |||
| CVE-2022-50488 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix possible uaf for 'bfqq->bic' Our test report a uaf for 'bfqq->bic' in 5.10: ====================================… | |||
| CVE-2022-48991 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: mm/khugepaged: invoke MMU notifiers in shmem/file collapse paths Any codepath that zaps page table entries must invoke MMU notifi… | |||
| CVE-2022-49774 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: KVM: x86/xen: Fix eventfd error handling in kvm_xen_eventfd_assign() Should not call eventfd_ctx_put() in case of error. [Introd… | |||
| CVE-2022-50556 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: drm: Fix potential null-ptr-deref due to drmm_mode_config_init() drmm_mode_config_init() will call drm_mode_create_standard_prope… | |||
| CVE-2022-50351 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: cifs: Fix xid leak in cifs_create() If the cifs already shutdown, we should free the xid before return, otherwise, the xid will b… | |||
| CVE-2022-50781 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: amdgpu/pm: prevent array underflow in vega20_odn_edit_dpm_table() In the PP_OD_EDIT_VDDC_CURVE case the "input_index" variable is… |